ViacomCBS Jobs

Job Information

ViacomCBS Lead Cloud Security Engineer in San Francisco, California

REF#: 38150


JOB TYPE: Full-Time Staff


JOB LOCATION: San Francisco, CA


CBS Interactive, a division of ViacomCBS, is the world’s largest publisher of premium digital content and a perennial top 10 Internet company. CBS Interactive’s brands span popular categories like technology, entertainment, sports, news and gaming.

Properties include the websites, apps and streaming services of the CBS Television Network such as the CBS All Access subscription service, CBS News Digital platforms including the 24/7 digital news network CBSN, and CBS Sports Digital brands including the 24-hour streaming sports news network CBS Sports HQ, as well as digital-first properties in key content verticals, including CNET, ZDNet,, GameSpot,, Metacritic and Chowhound.

Follow CBS Interactive on Twitter and Facebook.


Division Overview:

Join the ViacomCBS Information Security Team at ViacomCBS Streaming/Digital division as a Lead Cloud Security Engineer and be a part of the talented team that designs, builds, and deploys solutions that protect ViacomCBS Streaming platforms and its customers against advanced adversaries. You will research the latest threats & methods for deploying infrastructure controls in the prevention, detection and reaction to best securing the environment and automating threat identification and defense capabilities. Your mission will be to ensure that ViacomCBS Streaming & Digital environments and customer data remains secure.

Role Details:

You will work across many teams & business partners including infrastructure, engineering, operations, architecture, and product development. You will work across multiple work streams including infrastructure security, security operations, configuration management, network security, and security architecture. In this role, you will design and develop for the cloud (GCP, AWS, Azure) based Infrastructure controls and guardrails to support the ViacomCBS Streaming teams and platforms utilized by consumers.

Your Day -to-day:

  • We’re looking for a level-headed and professional person with great verbal & written communication skills who has the ability to work in a team environment.

  • This person should think of infrastructure as code. You will work closely with the Operation, Development, and QA teams on architecture and technologies.

  • Architecture, configuration, operations, and maintenance of infrastructure, network and supporting software related to the cloud & application infrastructure.

  • Proven track record developing and implementing security tools, technologies and process integrations for cloud-based architectures.

  • Prior experience working closely with product and DevOps Engineers and/or SRE’s on security requirements. Experience with DevOps environments and AWS & GCP security controls is a strong plus.

  • As a hands-on technical specialist, handle complex and detailed technical work necessary to establish and maintain secure cloud security environments.

  • Securing perimeter and network of ViacomCBS Streaming/Digital applications & environments.

  • Implement and maintain network security infrastructure globally including Zero Trust, DDOS mitigation, Micro-Segmentation, and remote access (i.e. VPN services).

  • Architect, configure, manage and deploy devices including firewalls, VPC’s, Security Groups, Key Management, and Secure SDLC pipeline to improve our ability to prevent and detect intrusions in real-time.

Key Projects

  • Gather threat intelligence and build, optimize, and automate systems to consume threat feeds and track adversaries.

  • Work with application owners and infrastructure teams to design and architect infrastructure (network, OS, databases) and applications to protect against attackers.

  • Collaborate with others in Information Security Engineering to improve Security Incident & Event Management (SIEM) solutions integration with log aggregation tools and services.

  • Develop network/application security solutions designed to implement segmentation and access control across applications deployed in various VPC’s and some on-premise platforms.


What you bring to the team:

You have -

  • Experience with building and operating secure infrastructures with 4 - 6 yrs in Information Security (SecDevOps is a plus!).

  • Experience in platform security in at least three of the following domains: secure cloud deployment, application whitelisting, security engineering, incident handling, vulnerability analysis, active adversary threat management, penetration testing, intrusion detection, firewalls, and encryption technologies.

  • In-depth knowledge of AWS & GCP and other public & private cloud infrastructure is required.

  • In-depth knowledge of TCP/IP networking (OSI stack, TCP, SDN, etc).

  • Experience with CI/CD tools such as Jenkins, Github Actions, etc.

  • Experience using a programming language such as python or Go for automation, plus Terraform, Chef, Puppet, Ansible, SaltStack, or CloudFormation..

  • Strong Unix/Linux experience with familiarity with Windows environments and hardening guidelines.

  • Strong understanding of Threat Modeling including Threat Detection & Prevention.

  • Knowledge and experience with networks and hosts are required, application security practices are a bonus.

  • Experience with VPC’s, Configuration Management, and other network security.

FUNCTION: IT/Technology Operations

EEO Statement:

ViacomCBS is an equal opportunity employer (EOE) including disability/vet.

At ViacomCBS, the spirit of inclusion feeds into everything that we do, on-screen and off. From the programming and movies we create to employee benefits/programs and social impact outreach initiatives, we believe that opportunity, access, resources and rewards should be available to and for the benefit of all. ViacomCBS is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, and Veteran status

If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access as a result of your disability. You can request reasonable accommodations by calling 212.846.5500 or by sending an email to Only messages left for this purpose will be returned.